@page
@model Net8.Identity.Server.Pages.ConsentModel
@addTagHelper *, Microsoft.AspNetCore.Mvc.TagHelpers
@using Net8.Identity.Server.Services

@{
    ViewData["Title"] = "授权确认";
    var scopes = Model.Scopes ?? new List<string> { "基本信息", "邮箱", "用户资料" };
    var clientName = Model.ClientName ?? "第三方应用";
}

<div class="container">
    <div class="row justify-content-center">
        <div class="col-md-8 col-lg-6">
            <div class="card-modern mt-5">
                <div class="card-header">
                    <h3 class="mb-2">
                        <i class="bi bi-shield-check me-2"></i>授权确认
                    </h3>
                    <p class="mb-0">请仔细检查以下权限请求</p>
                </div>
                
                <div class="card-body">
                    @if (!string.IsNullOrEmpty(Model.ErrorMessage))
                    {
                        <div class="alert alert-danger alert-modern mb-4" role="alert">
                            <i class="bi bi-exclamation-triangle me-2"></i>
                            @Model.ErrorMessage
                        </div>
                    }
                    
                    <!-- 应用信息 -->
                    <div class="alert alert-info alert-modern mb-4">
                        <div class="d-flex align-items-center">
                            <div class="flex-shrink-0">
                                <div class="icon icon-info" style="width: 3rem; height: 3rem; font-size: 1.2rem;">
                                    <i class="bi bi-app"></i>
                                </div>
                            </div>
                            <div class="flex-grow-1 ms-3">
                                <h6 class="fw-bold mb-1">应用信息</h6>
                                <p class="mb-1">
                                    <strong>@clientName</strong> 请求访问您的以下信息：
                                </p>
                                <small class="text-muted">
                                    <i class="bi bi-info-circle me-1"></i>
                                    请仔细检查所有权限后再做决定
                                </small>
                            </div>
                        </div>
                    </div>

                    <!-- 权限列表 -->
                    <div class="permissions-list mb-4">
                        <h6 class="fw-bold mb-3">
                            <i class="bi bi-key me-1"></i>请求的权限
                        </h6>
                        <ul class="list-group list-group-flush">
                            @foreach (var scope in scopes)
                            {
                                <li class="list-group-item px-0 py-2">
                                    <div class="d-flex align-items-center">
                                        <div class="flex-shrink-0 text-success">
                                            <i class="bi bi-check-circle-fill"></i>
                                        </div>
                                        <div class="flex-grow-1 ms-3">
                                            <strong>@scope</strong>
                                        </div>
                                    </div>
                                </li>
                            }
                        </ul>
                    </div>

                    <!-- 安全提示 -->
                    <div class="alert alert-warning alert-modern mb-4">
                        <h6 class="alert-heading">
                            <i class="bi bi-shield-exclamation me-1"></i>安全提示
                        </h6>
                        <ul class="mb-0 small">
                            <li>请确认您信任该应用开发者</li>
                            <li>授权后，应用将能获取上述权限范围内的信息</li>
                            <li>您可以随时在设置中撤销授权</li>
                        </ul>
                    </div>

                    <!-- 操作按钮 -->
                    <form method="post" asp-page="/Consent">
                        <input name="grant" id="grant" type="hidden" />
                        <input name="ReturnUrl" type="hidden" value="@Model.ReturnUrl" />
                        <input name="ClientName" type="hidden" value="@Model.ClientName" />
                        @Html.AntiForgeryToken()
                        <div class="row g-3">
                            <div class="col-6">
                                <button type="submit" 
                                        class="btn btn-success btn-modern w-100"
                                        onclick="document.getElementById('grant').value='@Consts.GrantAccessValue';">
                                    <i class="bi bi-check-lg me-2"></i>同意授权
                                </button>
                            </div>
                            <div class="col-6">
                                <button type="submit" 
                                        class="btn btn-outline-secondary btn-modern w-100"
                                        onclick="document.getElementById('grant').value='@Consts.DenyAccessValue';">
                                    <i class="bi bi-x-lg me-2"></i>拒绝授权
                                </button>
                            </div>
                        </div>
                    </form>

                    @if (!string.IsNullOrEmpty(Model.ReturnUrl))
                    {
                        <div class="mt-3">
                            <small class="text-muted">
                                <i class="bi bi-arrow-return-left me-1"></i>
                                <strong>回调地址：</strong>
                                <code class="bg-light p-1 rounded">@Model.ReturnUrl</code>
                            </small>
                        </div>
                    }
                </div>
            </div>
        </div>
    </div>
</div>

@section Scripts {
    <script>
        // 监听表单提交
        document.addEventListener('DOMContentLoaded', function() {
            const form = document.querySelector('form');
            
            if (form) {
                // 监听按钮点击
                const allowBtn = form.querySelector('.btn-success');
                const denyBtn = form.querySelector('.btn-outline-secondary');
                
                if (allowBtn) {
                    allowBtn.addEventListener('click', function() {
                        // 同意授权逻辑
                    });
                }
                
                if (denyBtn) {
                    denyBtn.addEventListener('click', function() {
                        // 拒绝授权逻辑
                    });
                }
                
                form.addEventListener('submit', function(e) {
                    const grantValue = document.getElementById('grant').value;
                    if (!grantValue) {
                        e.preventDefault();
                        alert('请选择授权决定');
                        return false;
                    }
                });
            }
        });
    </script>
}